-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[User Accounts] Fix edge-case that gave a confusing error message #5956
[User Accounts] Fix edge-case that gave a confusing error message #5956
Conversation
@lingma Would you mind reviewing? |
What about |
Are you asking what happens if the Email equals the password? There should be an error condition for that. You can test and see. |
No, I am wondering what if the password is |
The proposed code could solve this problem. But I did not test. |
I don't understand what problem you are trying to address here. |
I am wondering what if the password is the same as the Email, only add a |
The A benefit of this is that the modules don't have to be responsible for checking passwords. E.g. Passwords can be changed in the |
I just had a look at the code, and the Zxcvbn only seems to check the complexity of the input in the Password class. It doesn't validate that the blacklisted things that the library doesn't know about (ie. the email address) aren't a substring as far as I can tell. |
That's true; it's not a feature we discussed. The code has only ever checked if the Password === Email as far as I know. We can add that in another PR? |
Sure, I just meant that that's what @lingma seems to be saying that you're misinterpreting.. |
Brief summary of changes
When both the password and email fields were empty, an error was displayed saying "Your password cannot match your email address"
While technically accurate, this isn't actually helpful for a user, especially since our checkbox option "Generate new password" requires leaving the password field blank.
Testing instructions (if applicable)
Link(s) to related issue(s)